On Thu, Sep 23, 2010 at 4:15 PM, Gavin Panella <gavin.pane...@canonical.com> wrote: > If I'm collaborating on, reviewing, or otherwise running a > not-expected-to-be-evil-but-not-known-to-be-safe Launchpad API > consumer, I'd like to be able to say "please use a read-only token > this time instead of the desktop token" to reduce the possibility of > mishap. Will that be possible?
It's possible, but probably not what we really want to do. Here are a few scenarios: 1) the app is evil: you're screwed so it doesn't matter if you give it read-only or not 2) the app only reads data: you're fine, but you would have been find with read/write access anyway 3) the app wants to write data: you're fine up until the point the app writes, at which point it dies a horrible death, confusing and irritating the end user 4) the app isn't evil but has a bug such that it makes unwanted writes to LP The only case where granting a desktop app a read-only token would have helped you is 4. If that case is a big enough concern to do something about, it would be better remedied by a launchpadlib API that lets an app request read-only access instead of making the user know that a particular app only needs read-only access and remembering to choose it when prompted by LP. > Btw, that was a really well written explanation of the issue. Indeed. -- Benji York _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : launchpad-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
